by SIC
Original name unknown
Written in Delphi, compressed with UPX
dropped files: c:\WINDOWS\system32\fsb.stb Size: 10,240 bytes (Worm.Win32.Fesber) c:\WINDOWS\system32\fsb.tmp Size: 28,672 bytes (Backdoor.Win32.Delf.lz) added to registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" old data: Explorer.exe new data: Explorer.exe fsb.exe Does infect other files. attempts to connect to an IRC server tested on Windows XP September 09, 2004MegaSecurity